From e2b5c86e43c63035ecbf2fd3bf8b8ff7f7905da4 Mon Sep 17 00:00:00 2001
From: djm <>
Date: Sat, 23 Aug 2008 06:15:16 +0000
Subject: [PATCH] fix calloc() for MALLOC_OPTIONS=J case: SOME_JUNK was being
 filled into the freshly mmaped pages disrupting their pure zeroness; ok otto@
 deraadt@

---
 src/lib/libc/stdlib/malloc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/libc/stdlib/malloc.c b/src/lib/libc/stdlib/malloc.c
index 4379e091..711c8470 100644
--- a/src/lib/libc/stdlib/malloc.c
+++ b/src/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: malloc.c,v 1.95 2008/08/22 21:25:10 otto Exp $	*/
+/*	$OpenBSD: malloc.c,v 1.96 2008/08/23 06:15:16 djm Exp $	*/
 /*
  * Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
  *
@@ -1085,7 +1085,7 @@ omalloc(size_t sz, int zero_fill)
 			malloc_guarded += malloc_guard;
 		}
 		if (malloc_junk)
-			memset(p, SOME_JUNK, psz - malloc_guard);
+			memset(p + sz, SOME_JUNK, psz - sz - malloc_guard);
 
 		/* shift towards the end */
 		if (malloc_move &&